架。
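If a sending agent sends a message using different strengths of
encryption, an attacker monitoring the communications channel can
determine the contents of the strongly encrypted message by decrypting
the weakly encrypted one. In other words, a sender should no more send
a weakly encrypted message than it would send plaintext.
If authentication is not also used, modification of the ciphertext can
go undetected, as is the case when enveloped data is sent without being
wrapped in a signed envelope or without signed data enclosed within it.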
A. ASN.1 Module
SecureMimeMessageV3
{ iso(1) member-body(2) us(840) rsadsi(113549)
pkcs(1) pkcs-9(9) smime(16) modules(0) smime(4) }
DEFINITIONS IMPLICIT TAGS ::=
BEGIN
IMPORTS
-- Cryptographic Message Syntax
SubjectKeyIdentifier, IssuerAndSerialNumber,
RecipientKeyIdentifier
FROM CryptographicMessageSyntax
{ iso(1) member-body(2) us(840) rsadsi(113549)
pkcs(1) pkcs-9(9) smime(16) modules(0) cms(1) };
-- id-aa is the arc with all new authenticated and unauthenticated
-- attributes produced by the S/MIME Working Group
id-aa OBJECT IDENTIFIER ::= {iso(1) member-body(2) usa(840)
    rsadsi(113549)
    pkcs(1) pkcs-9(9) smime(16) attributes(2)}
-- S/MIME Capabilities provides a method of broadcasting the symmetric
-- capabilities understood. Algorithms should be ordered by preference
-- and grouped by type
smimeCapabilities OBJECT IDENTIFIER ::=
    {iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9) 15}
SMIMECapability ::= SEQUENCE {
    capabilityID OBJECT IDENTIFIER,
    parameters ANY DEFINED BY capabilityID OPTIONAL }
SMIMECapabilities ::= SEQUENCE OF SMIMECapability
-- Encryption Key Preference provides a method of broadcasting the
-- preferred encryption certificate.
id-aa-encrypKeyPref OBJECT IDENTIFIER ::= {id-aa 11}
SMIMEEncryptionKeyPreference ::= CHOICE {
    issuerAndSerialNumber   [0] IssuerAndSerialNumber,
    receipentKeyId          [1] RecipientKeyIdentifier,
    subjectAltKeyIdentifier [2] SubjectKeyIdentifier
}
-- The Content Encryption Algorithms defined for SMIME are:
-- Triple-DES is the mandatory algorithm with CBCParameter being the
-- parameters
dES-EDE3-CBC OBJECT IDENTIFIER ::=
    {iso(1) member-body(2) us(840) rsadsi(113549)
    encryptionAlgorithm(3) 7}
CBCParameter ::= IV
IV ::= OCTET STRING (SIZE (8..8))
-- RC2 (or compatible) is an optional algorithm w/ RC2-CBC-parameter
-- as the parameter
rC2-CBC OBJECT IDENTIFIER ::=
    {iso(1) member-body(2) us(840) rsadsi(113549)
    encryptionAlgorithm(3) 2}
-- For the effective-key-bits (key size) greater than 32 and less than
-- 256, the RC2-CBC algorithm parameters are encoded as:
RC2-CBC-parameter ::= SEQUENCE {
    rc2ParameterVersion INTEGER,
    iv IV}
-- For the effective-key-bits of 40, 64, and 128, the
-- rc2ParameterVersion values are 160, 120, 58 respectively.
-- The following lists the OIDs to be used with S/MIME V3
-- Digest Algorithms:
-- md5 OBJECT IDENTIFIER ::=
-- {iso(1) member-body(2) us(840) rsadsi(113549)
-- digestAlgorithm(2) 5}
-- sha-1 OBJECT IDENTIFIER ::=
-- {iso(1) identified-organization(3) oiw(14) secsig(3)
-- algorithm(2) 26}
-- Asymmetric Encryption Algorithms
--
-- rsaEncryption OBJECT IDENTIFIER ::=
-- {iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-1(1)
-- 1}
--
-- rsa OBJECT IDENTIFIER ::=
-- {joint-iso-ccitt(2) ds(5) algorithm(8) encryptionAlgorithm(1) 1}
--
-- id-dsa OBJECT IDENTIFIER ::=
-- {iso(1) member-body(2) us(840) x9-57(10040) x9cm(4) 1 }
-- Signature Algorithms
--
-- md2WithRSAEncryption OBJECT IDENTIFIER ::=
-- {iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-1(1)
-- 2}
--
-- md5WithRSAEncryption OBJECT IDENTIFIER ::=
-- {iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-1(1)
-- 4}
--
-- sha-1WithRSAEncryption OBJECT IDENTIFIER ::=
-- {iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-1(1)
-- 5}
--
-- id-dsa-with-sha1 OBJECT IDENTIFIER ::=
-- {iso(1) member-body(2) us(840) x9-57(10040) x9cm(4) 3}
-- Other Signed Attributes
--
-- signingTime OBJECT IDENTIFIER ::=
-- {iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
-- 5}
-- See [CMS] for a description of how to encode the attribute
-- value.
END
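
The following is an added example, not part of RFC 2633 or of this
translation. It decodes the CBCParameter and RC2-CBC-parameter encodings
defined in the module above and applies the security consideration about
not sending a weaker copy of the same message. It assumes the parameters
arrive inside the AlgorithmIdentifier SEQUENCE { OID, parameters } used by
[CMS]; the function names and sample bytes are constructed for illustration.

```python
# Added example: helper names are hypothetical; OIDs are given as DER content octets.
DES_EDE3_CBC = bytes.fromhex("2a864886f70d0307")  # 1.2.840.113549.3.7
RC2_CBC = bytes.fromhex("2a864886f70d0302")       # 1.2.840.113549.3.2
RC2_VERSION_TO_BITS = {160: 40, 120: 64, 58: 128}  # rc2ParameterVersion -> key bits

def read_tlv(buf, pos=0):
    """Read one definite-length DER element; return (tag, value, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits count the length octets
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER value")
    return tag, buf[pos:pos + length], pos + length

def check_iv(tag, value):
    if tag != 0x04 or len(value) != 8:  # IV ::= OCTET STRING (SIZE (8..8))
        raise ValueError("IV must be an 8-octet OCTET STRING")

def key_bits(alg_id):
    """Nominal key bits of a DER content-encryption AlgorithmIdentifier."""
    tag, seq, _ = read_tlv(alg_id)
    oid_tag, oid, pos = read_tlv(seq)
    if tag != 0x30 or oid_tag != 0x06:
        raise ValueError("expected SEQUENCE { OBJECT IDENTIFIER, parameters }")
    ptag, params, _ = read_tlv(seq, pos)
    if oid == DES_EDE3_CBC:  # parameters are CBCParameter ::= IV
        check_iv(ptag, params)
        return 168  # three 56-bit DES keys
    if oid == RC2_CBC and ptag == 0x30:  # RC2-CBC-parameter
        vtag, version, vpos = read_tlv(params)
        check_iv(*read_tlv(params, vpos)[:2])
        bits = RC2_VERSION_TO_BITS.get(int.from_bytes(version, "big"))
        if vtag == 0x02 and bits:
            return bits
    raise ValueError("unsupported algorithm or parameters")

def weaker_copies(alg_ids):
    """Indexes of copies of one message encrypted below the strongest copy."""
    bits = [key_bits(a) for a in alg_ids]
    return [i for i, b in enumerate(bits) if b < max(bits)]

# Constructed samples: Triple-DES, and RC2 with rc2ParameterVersion 160 (40-bit).
IV = "04080102030405060708"
TDES = bytes.fromhex("30140608" + DES_EDE3_CBC.hex() + IV)
RC2_40 = bytes.fromhex("301a0608" + RC2_CBC.hex() + "300e020200a0" + IV)
```

A sending agent would call weaker_copies() on the per-recipient algorithm
choices for one message and refuse to send while the result is non-empty.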
B. References
[3DES] ANSI X9.52-1998, "Triple Data Encryption Algorithm
Modes of Operation", American National Standards
Institute, 1998.
[CERT3] Ramsdell, B., Editor, "S/MIME Version 3 Certificate
Handling", RFC 2632, June 1999.
[CHARSETS] Character sets assigned by IANA. See .
[CMS] Housley, R., "Cryptographic Message Syntax", RFC 2630,
June 1999.
[CONTDISP] Troost, R., Dorner, S. and K. Moore, "Communicating
Presentation Information in Internet Messages: The
Content-Disposition Header Field", RFC 2183, August
1997.
[DES] ANSI X3.106, "American National Standard for
Information Systems- Data Link Encryption," American
National Standards Institute, 1983.
[DH] Rescorla, E., "Diffie-Hellman Key Agreement Method",
RFC 2631, June 1999.
[DSS] NIST FIPS PUB 186, "Digital Signature Standard", 18
May 1994.
[ESS] Hoffman, P., Editor "Enhanced Security Services for
S/MIME", RFC 2634, June 1999.
[MD5] Rivest, R., "The MD5 Message Digest Algorithm", RFC
1321, April 1992.
[MIME-SPEC] The primary definition of MIME. "MIME Part 1: Format
of Internet Message Bodies", RFC 2045; "MIME Part 2:
Media Types", RFC 2046; "MIME Part 3: Message Header
Extensions for Non-ASCII Text", RFC 2047; "MIME Part
4: Registration Procedures", RFC 2048; "MIME Part 5:
Conformance Criteria and Examples", RFC 2049,
September 1993.
[MIME-SECURE] Galvin, J., Murphy, S., Crocker, S. and N. Freed,
"Security Multiparts for MIME: Multipart/Signed and
Multipart/Encrypted", RFC 1847, October 1995.
[mustshould] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP14, RFC 2119, March 1997.
[PKCS-1] Kaliski, B., "PKCS #1: RSA Encryption Version 2.0",
RFC 2437, October 1998.
[PKCS-7] Kaliski, B., "PKCS #7: Cryptographic Message Syntax
Version 1.5", RFC 2315, March 1998.
[RANDOM] Eastlake, 3rd, D., Crocker, S. and J. Schiller,
"Randomness Recommendations for Security", RFC 1750,
December 1994.
[RC2] Rivest, R., "A Description of the RC2 (r) Encryption
Algorithm", RFC 2268, January 1998.
[SHA1] NIST FIPS PUB 180-1, "Secure Hash Standard," National
Institute of Standards and Technology, U.S. Department
of Commerce, DRAFT, 31 May 1994.
[SMIMEV2] Dusse, S., Hoffman, P., Ramsdell, B., Lundblade, L.
and L. Repka, "S/MIME Version 2 Message
Specification", RFC 2311, March 1998.
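C. Acknowledgements
Many thanks go to the other authors of the S/MIME Version 2 Message
Specification RFC: Steve Dusse, Paul Hoffman, Laurence Lundblade and
Lisa Repka. Without v2, there would be no v3.
Many members of the S/MIME Working Group have also worked very hard
and contributed to this document. Listing everyone would make for a
very long list, and I sincerely apologize for that. In alphabetical
order, the following people stand out in my mind because they made
direct contributions to this document.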
Dave Crocker
Bill Flanigan
Paul Hoffman
Russ Housley
John Pawling
Jim Schaad
Editor's Address:
Blake Ramsdell
Worldtalk
17720 NE 65th St Ste 201
Redmond, WA 98052
Phone: +1 425 376 0225
EMail: blaker@deming.com
Full Copyright Statement
Copyright (C) The Internet Society (1999). All Rights Reserved.
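This document and translations of it may be copied and furnished to
others, and derivative works that comment on or otherwise explain it
or assist in its implementation may be prepared, copied, published and
distributed, in whole or in part, without restriction of any kind,
provided that the above copyright notice and this paragraph are
included on all such copies and derivative works. However, this
document itself may not be modified in any way, such as by removing
the copyright notice or references.
This document may not be modified except as needed for the purpose of
developing Internet standards, in which case the procedures for
copyrights defined in the Internet Standards process must be followed,
or as required to translate it into languages other than English.
The above statement is perpetual and will not be revoked by the
Internet Society or its successors or assigns.
This document and the information contained herein is provided on an
"AS IS" basis, and the Internet Society and the Internet Engineering
Task Force disclaim all warranties, express or implied, including but
not limited to any warranty that the use of the information herein
will not infringe any rights or any implied warranties of
merchantability or fitness for a particular purpose.
Acknowledgement
Funding for the RFC Editor function is currently provided by the
Internet Society.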
RFC 2633: S/MIME Version 3 Message Specification
RFC Documents Chinese Translation Project